Onboarding a VNF which includes a VDU with multiple VNFCs

ABSTRACT

The instant solution includes at least one element or action described or depicted herein.

TECHNICAL FIELD

This application generally relates to onboarding of Virtual NetworkFunctions (VNFs) in a system employing a Network Function Virtualization(NFV) architecture. More specifically, the application relates toonboarding a VNF which includes multiple Virtual Network FunctionComponents (VNFCs) in a single Virtual Deployment Unit (VDU).

BACKGROUND

Network Function Virtualization (NFV) based architectures offer a way todesign and deploy telecommunication network services. In the past, thefunctions that make up these services have been tightly coupled to theproprietary hardware on which they execute. NFV based architecturesdecouple the software implementation of these functions from theunderlying infrastructure. The software typically runs in virtualmachines or containers, under the control of a hypervisor or operatingsystem which run on commercial off-the-shelf (COTS) servers. Thisapproach has the promise of significant reductions in capital andoperational expenses for service providers as custom hardware is nolonger required and scaling is provided through additional softwaredeployments, not a provisioning of new physical equipment.

The European Telecommunications Standard Institute (ETSI) networkfunctions virtualization (NFV) industry specification group (ISG) hasdefined a reference NFV architecture. ETSI took an approach that enablesexisting management infrastructure such as Operational Support Systems(OSS)/Business Support Systems (BSS) and Element Management Systems(EMS) to remain in place. The standard is focused on getting NetworkServices (NSs) and Virtual Network Functions (VNFs) deployed on a cloudbased infrastructure, while leaving traditional Fault, Configuration,Accounting, Performance and Security (FCAPS) to be managed by EMS andOSS/BSS.

The Open Network Automation Platform (ONAP) Linux Foundation Projectpresents a competing, though related architecture. This architecture isin many ways a superset of the ETSI NFV architecture as it offers acomplete system wide solution including VNF package creation andmanagement, user management, service management, and VNF deployment intovarious cloud platforms. Complete VNF management, including traditionalFCAPS, removes the reliance on EMSs, though integration with existingOSS/BSSs is still supported.

SUMMARY

In an NFV architected system, functions that were tied to specializedhardware in the past are decoupled so that their softwareimplementations can be executed in virtualized containers running onCOTS hardware. These decupled software implementations are calledVirtual Network Functions (VNFs). Each of these functions is made up ofone or more software components which are known as VNF Components(VNFCs). In the current architectural standards, VNFCs are mapped one toone with a virtual machine/container. A description of this mapping,which describes the VNFC software, operating system, etc. that will bedeployed together, is known as a Virtual Deployment Unit (VDU). Therationale for limiting a VDU to a single VNFC is that the hosting VM orcontainer provides limits to the underlying resources that the VNFC canconsume. One downside to this approach however is the resource overheadrequired for each VM/container. This can be very problematic when tryingto deploy a VNF onto a hardware platform with minimal resources. Anotherdownside is the number of VMs/containers that have to be managed. Giventhis, there exists a need to onboard a VNF which includes a VDU thatcontains multiple VNFCs.

BRIEF DESCRIPTION OF DRAWINGS

FIG. 1 is a diagram of an embodiment of a network functionvirtualization framework in accordance with one or more embodiments.

FIG. 2 is a diagram of an embodiment of a VNF descriptor in accordancewith one or more embodiments.

FIG. 3 is a diagram of an embodiment of a VNFC descriptor in accordancewith one or more embodiments.

FIG. 4 is a diagram of an embodiment of a VNF package in accordance withone or more embodiments.

FIG. 5 is a diagram of an embodiment of a VNF package archive inaccordance with one or more embodiments.

FIG. 6 is a diagram of an embodiment of a deployment of a VNF withmultiple VNFCIs in a single Virtualized Container (VC).

FIG. 7 is a diagram of an embodiment of a standard hardware diagram inaccordance with one or more embodiments.

FIG. 8 is a diagram of an embodiment of a VNF onboarding flow chart inaccordance with one or more embodiments.

DETAILED DESCRIPTION

It will be readily understood that the instant components and/or steps,as generally described and illustrated in the figures herein, may bearranged and designed in a wide variety of different configurations.Thus, the following detailed description of the embodiments of at leastone of a method, system, component and non-transitory computer readablemedium, as represented in the attached figures, is not intended to limitthe scope of the application as claimed, but is merely representative ofselected embodiments.

The instant features, structures, or characteristics as describedthroughout this specification may be combined in any suitable manner inone or more embodiments. For example, the usage of the phrases “exampleembodiments”, “some embodiments”, or other similar language, throughoutthis specification refers to the fact that a particular feature,structure, or characteristic described in connection with the embodimentmay be included in at least one embodiment. Thus, appearances of thephrases “example embodiments”, “in some embodiments”, “in otherembodiments”, or other similar language, throughout this specificationdo not necessarily all refer to the same group of embodiments, and thedescribed features, structures, or characteristics may be combined inany suitable manner in one or more embodiments.

In addition, while the term “message” may have been used in thedescription of embodiments, the application may be applied to many typesof network data, such as, packet, frame, datagram, etc. The term“message” also includes packet, frame, datagram, and any equivalentsthereof. Furthermore, while certain types of messages and signaling maybe depicted in exemplary embodiments they are not limited to a certaintype of message, and the application is not limited to a certain type ofsignaling.

Disclosed herein are various embodiments for implementing and/orutilizing lifecycle management of VNFC modules. A VNF is theimplementation of a network function that can be deployed in an NFVarchitecture. VNFs can be viewed as service building blocks which may beused by one or more Network Services (NSs). Examples of VNFs include,but are not limited to, firewall, application acceleration, Deep PacketInspection (DPI), Session Initiation Protocol (SIP) user agent, andNetwork Address Translation (NAT).

Each VNF specifies its deployment and operational behavior in adeployment template known as a VNF Descriptor (VNFD). This descriptoralong with the VNF software bundle are delivered to an NFV managementsystem in an archive known as a VNF Package. A VNF may be implementedusing one or more VNF Components (VNFCs). A VNFC is an internalcomponent of a VNF that provides a subset of that VNF's functionality.The main characteristic of a VNFC is that it maps n:1 with a VirtualizedContainer (VC) when the function is deployed. The term VirtualizedContainer (VC) is used herein to describe a Virtual Machine (VM) oroperating system container. VNFCs are in turn made up of one or moresoftware modules. Each module may spawn one or more operating systemprocesses when deployed.

A VNF instance (VNFI) is a run-time instantiation of the VNF softwareresulting from completing the instantiation of its VNFCs and theconnectivity between them. As multiple instances of a VNF can exist inthe same domain, the terms VNF and VNF Instance (VNFI) may be usedinterchangeably herein. Similarly, VNFC instance (VNFCI) is a run-timeinstantiation of a VNFC deployed in a particular VC. It has a lifecycledependency with its parent VNFI. As multiple instances of a VNFC canexist in the same domain, the terms VNFC and VNFC Instance (VNFCI) mayalso be used interchangeably herein.

FIG. 1 is a diagram of a network function virtualization framework 100for implementing NFV in accordance with one or more embodiments of thepresent application. The NFV framework 100 comprises a VNF module 102, acloud infrastructure module 104, a Service Design and Creation (SDC)module 106, a management module 108, a User Interface (UI) 110 module,and an optional operating support system (OSS)/business support system(BSS) module 112. A module may be a virtual element, a physical networkelement or embedded in a physical network element and may consist ofhardware, software, firmware and/or a combination of one or more ofhardware, software, and firmware.

In some embodiments, the VNF module 102 may comprise VNFs 116 and VNFCs118. Each VNF 116 may be composed of one or more VNFCs 118. In oneembodiment, the VNF module 102 may correspond with a network node in asystem and may be free from hardware dependency. The cloudinfrastructure module 104 is configured to provide virtual compute,storage and network resources to support the execution of the VNFs. Thecloud infrastructure module 104 may comprise COTS hardware, acceleratorcomponents where necessary and/or a software layer which virtualizes andabstracts underlying hardware. For example, the infrastructure module104 may comprise one or more of a virtual compute module 122, a virtualstorage module 124, and a virtual networking module 126 within avirtualization layer 120. The virtualization layer 120 may be operablycoupled to hardware resources 128 including, but not limited to computehardware 130, storage hardware 132 and network hardware 134.

In accordance with one or more embodiments of the present application,the SDC module 106 provides an integrated development platform fordesigning and creating network services (NSs). This process is enabledwith support of VNF onboarding and storage. VNFs are on-boarded as VNFpackages 114 each of which includes, but is not limited to a VNFDescriptor (VNFD) and a VNF software bundle. The VNFD is a set ofmetadata that describes VNF to VNFC structure and underlyinginfrastructure requirements. Services are defined in Network ServiceDescriptors (NSDs) 114, each of which is a set of metadata that describethe relationship between services, VNFs and any underlyinginfrastructure requirements. The SDC module 106 provides APIs which areusable by other modules for querying VNF/service artifacts, uploadingartifacts, and retrieving artifacts. Service and VNF artifacts arestored in a catalog 136. In some embodiments, this catalog is adatabase.

In some embodiments, the management module 108 is configured to enableorchestration, monitoring and lifecycle management of VNFs, the softwaredefined networks (SDN) that contain them and higher level services thatcombine the above. Additionally, the management module 108 is configuredto provide traditional FCAPS capabilities for the aforementioned VNFs,SDNs and services. The management module 108 operates on a set ofservice and VNF artifacts which are stored in and retrieved from the SDCmodule 106.

In accordance with one or more embodiments of the present application,the management module includes a set of subsystems 138 that comprises aService Orchestrator (SO) subsystem 140, a Policy subsystem 142, a DataCollection, Analytics and Event subsystem 144 and an Active andAvailable Inventory subsystem 146. The subsystems work closely togetherto enable service orchestration, VNF monitoring and VNF lifecyclemanagement.

In some embodiments, the SO subsystem 140 is configured for automatedsequencing of activities, tasks, rules and policies needed for thecreation, modification and removal of network applications, services,VNFs, Physical Network Functions (PNFs) and other resources. Further,specialized orchestrations scopes are supported. In some embodiments,these include, but are not limited to, NS and VNF scaling, homing andplacement.

In accordance with one or more embodiments of the present application,the Policy subsystem 142 provides for the creation and management ofmodifiable configurations, rules assertions and/or conditions to providereal-time decision making on conditions and events that underlie thefunctions of the management module 108. Policy scopes may include, butare not limited to, infrastructure management, NSs, VNFs, operationautomation, and security.

In some embodiments, the DCAE subsystem 144 enables closed loop controland correlation of business and operations activities. The modulecollects and publishes fault, performance, usage and configuration datain order to enable FCAPS functionality in the modules that comprise themanagement module 108. Further, it provides computation of analytics,and aids for trouble-shooting and management that are derived from thecollected data.

In accordance with one or more embodiments of the present application,the A&AI subsystem 146 maintains a live view of services and resourcesin the NFV system 100, providing the state and relationships betweenthem. Further it maintains a registry of external systems with which theNFV system 100 connects. An API that enables advanced search of theinventory data is provided and utilized by other management modules,including but not limited to the SO module 140, policy module 142 andDCAE module 144.

In accordance with one or more embodiments of the present application,the management module includes a set of controllers 148 that comprises aVirtual Function Controller (VFC) 150, an Application Controller (APPC)152, and a Software Defined Networking Controller (SDNC) 154. The VFC150 is an ETSI NFV architecture aligned VNF controller aimed atinterworking with components built to the ETSI NFV standard. The APPC152 is a VNF controller which manages OSI layer 4-7 services. The SDNC154 is a VNF/Physical Network Function (PNF) controller which managesOSI layer 1-3 services.

In some embodiments, the Virtual Function Controller (VFC) 150 is anETSI NFV Management and Orchestration (MANO) compliant provider of fullLCM and FCAPS for NSs and VNFs. It consists of two main components, aresource orchestration component and a VNF management component. Theresource orchestration component provides network service LCM along withFCAPS management for NSs and VNFs. ETSI compliant interfaces areprovided for NS package management, VNF package management and VNFoperation granting. The VFC 150 interworks with various managementsubsystems 138 to provide these capabilities. Further it utilizes acatalog synchronization interface provided by the SDC 106 to gain accessto NS and VNF packages. The VNF management component is provided by ageneric Virtual Network Function Manager (VNFM) as defined in the ETSINFV architecture specification. It supports VNF lifecycle managementdirectives which include, but are not limited to, deploy, scale, heal,start and stop from the VFC orchestration component. The generic VNFMwithin the VFC 150 may support multiple VNFs and multiple types of VNFs116. It interworks with multiple Virtual Infrastructure Managers (VIMs)158 directly or indirectly through a Multi-VIM/Cloud Adapter 156 inorder to provide the aforementioned VNF LCM.

In accordance with one or more embodiments of the present application,the Application Controller (APPC) 152 supports VNF lifecycle managementoperations which include, but are not limited to, deploy, scale, heal,migrate, start and stop. The APPC 152 interworks with various managementsubsystems 138 to provide these management capabilities. Further, insome embodiments, the APPC 152 is directed by the SO 140 or the Policysubsystem 142. An APPC 152 may support multiple VNFs and multiple typesof VNFs 116 as it is service and VNF agnostic. In some embodiments, theAPPC 152 manages a VNF using standards based protocols such as NETCONF,or platform automation protocols such as Chef/Ansible. The APPC 152interworks with multiple Virtual Infrastructure Managers (VIMs) 158directly or indirectly through a Multi-VIM/Cloud Adapter 156 in order toprovide the aforementioned VNF LCM.

In some embodiments, the Software Defined Networking Controller (SDNC)154 configures and maintains the health of layer 1-3 VNFs/PNFs andnetwork services throughout their lifecycle. The SDNC 154 interworkswith various management subsystems 138 to provide these managementcapabilities. Further, in some embodiments, the SDNC 154 is directed bythe SO 140, the Policy subsystem 142 or the DCAE subsystem 144. An SDNC154 may support multiple VNFs/PNFs and multiple types of VNFs/PNFs.Further, it manages all inventory within its scope which is typicallylimited to a single service/network domain. As with APPCs 152, SDNCs 154may interwork with multiple Virtual Infrastructure Managers (VIMs) 158directly or indirectly through a Multi-VIM/Cloud Adapter 156 in order tomanage VNFs/PNFs.

In accordance with one or more embodiments of the present application,the Multi-VIM/Cloud Adapter 156 enables deployment and execution of VNFson multiple infrastructure environments which may vary by vendor, cloudtype (public or private) and/or software distribution. The Adapter 156effectively provides a cloud mediation layer which prevents vendorlock-in and decouples the evolution of the NFV management system 108from the underlying cloud infrastructures 104.

In some embodiments, the VIM 158 is responsible for controlling andmanaging Cloud Infrastructure 104 compute, storage and network resourcesusually within an operator's infrastructure domain. Additionally, VIMs158 may be partitioned based on an operator's Points of Presence (PoPs),i.e. physical locations. VIMs are typically coupled to theinfrastructure management software with which they interwork. Thatsoftware may vary by type of cloud (public/private), vendor (e.g.Amazon, Microsoft, etc.) and/or different distributions (e.g. standardOpenStack, Red Hat OpenStack, etc.).

In accordance with one or more embodiments of the present application,UI module 110 provides multiple User Interfaces (UIs) into the NFVmanagement module 108. These UIs are enabled by APIs provided by themanagement subsystems 138, controllers 148 and other components withinthe management module 108. The UI module is comprised of a GraphicalUser Interface (GUI) 160 and a Command Line Interface (CLI) 162, thelatter of which is often preferred by network operators. It is expectedthat the provided GUI and CLI interfaces serve as the primary humaninterfaces into NFV systems that do not include a pre-existing OSS/BSSmodule 112.

In some embodiments, a network provider may have an existing OSS/BSSmodule 112 that is configured to support management functions such asnetwork inventory, service provisioning, networking configurations, andfault management. Further, the OSS/BSS module 112 may be configured tosupport end-to-end telecommunication services. In the embodiments thatinclude an OSS/BSS module 112, the OSS/BSS module must be able tointerwork with the NFV management module 108. As with the UI module 110,OSS/BSS 112 interworking is enabled through the use of APIs provided bythe management subsystems 138, controllers 148 and other componentswithin the management module 108.

FIG. 2 illustrates a VNF Descriptor (VNFD) 200 which defines the VNFproperties and requirements for onboarding and management of a VNF in anNFV system 100 (See FIG. 1) in accordance with one or more embodimentsof the present application. Each VNFD 200 includes VNF identificationattributes including a globally unique id, a provider identifier, aproduct identifier and a software version. Additionally, a VNFD includesone or more Virtual Deployment Units (VDUs) 202. Each VDU 202 mayinclude one or more VNFCs 118 (See FIG. 1). Given this, each VDU 202specifies the Compute 204 and Storage 206 resource requirements forrunning the included VNFCs. Additionally, the VDU 202 includes internalnetwork Connection Point Descriptors (CPD) 208 which describerequirements for networking ports to be used for VNFC 118 (See FIG. 1)to VNFC communication. In accordance with one or more embodiments of thepresent application, each VDU includes one or more VNFC Descriptors(VNFCDs) 210 that describe the VNFCs that execute inside the VCinstantiated based on this VDU 202. Further, a VC image descriptor 212is included in the VDU 202. This image descriptor includes a referenceto the location of the VC image required to install the VC that hoststhe VNFCs 116 (See FIG. 1) described by the VNFCDs 210. Typically, thelocation reference is internal to the VNF Package 114 (See FIG. 1), butthe reference may also refer to an external source. Additionally, insome embodiments, the VDU contains one or more VC Upgrade ScriptDescriptors 214. These scripts, which enable upgrade of the non-VNFCcomponents of the VC, may be included if the VNFCs 118 (See FIG. 1)defined by the VNFCDs 210 are independently upgradable from the VC thathosts them.

In addition to the VDUs 202, the VNFD 200 also includes internal VirtualLink Descriptors (VLD) 216 which describe the network connectivityrequirements between VNFCs within a VNF. Additionally, the VNFD 200includes external network Connection Point Descriptors (CPD) 218 whichdescribe requirements networking ports to be used for VNF 116 (SeeFIG. 1) communication. Further, the VNFD 200 includes descriptions ofdeployment flavors 220 which define size bounded deploymentconfigurations related to capacity. Additionally, the VNFD 200 mayinclude one or more VNF LCM script descriptors 222. Each VNF LCM scriptdescriptor 222 provides a reference to a lifecycle management scriptincluded in the VNF Package 114 (See FIG. 1).

FIG. 3 illustrates a VNFC Descriptor 300 which describes a VNFC thatmakes up part of a VNF 116 (See FIG. 1) in accordance with one or moreembodiments of the present application. The ID attribute 302 provides aunique identifier within the VNF for referencing a particular VNFC. Inone embodiment this identifier 302 is used to specify a particular VNFCduring a VNFC lifecycle management operation (start, stop kill, etc.).In another embodiment, this identifier 302 is used to determine thelocation of a VNFC-specific lifecycle management script within a VNFpackage 114 (See FIG. 1). Further, a VNFCD 300 may include a humanreadable VNFC name 304. Additionally, a VNFCD 300 may be include a setof configurable properties 306 of all VNFC instances based on this VNFCD300. Further, a VNFC Descriptor 300 may include one or more VNFCspecific lifecycle management script descriptors 308. Each LCM scriptdescriptor 304 provides a reference to a VNFC lifecycle script includedin the VNF Package 114 (See FIG. 1). Additionally, a VNFC Descriptor 300may also include an order attribute 310. An order attribute may be usedto control the start/stop order of the VNFCs during VNF lifecycleoperations such as instantiate and upgrade. Further, a VNFC Descriptor300 may also include a software load descriptor 312. A software loaddescriptor 312 provides a reference to a VNFC software load included inthe VNF Package 114 (See FIG. 1).

In accordance with one or more embodiments of the present application,FIG. 4 illustrates a VNF Package 400 which includes the requirements,configuration and software images required to onboard a VNF 116 (SeeFIG. 1) in an NFV system 100 (See FIG. 1). The VNF package is deliveredby a VNF provider as a whole and is immutable. The package is digitallysigned to protect it from modification. VNF Packages 400 are stored inan SDC Catalog 136 (See FIG. 1) in an NFV System 100 (See FIG. 1). Eachpackage contains a manifest file 402 which specifies the list ofcontents it contains. Further, the package 400 contains a VNFD 404,which as described in FIG. 3, includes the metadata for VNF onboardingand lifecycle management. Additionally, any VNF specific lifecyclemanagement (onboard, deploy, start, etc.) scripts 406 are included. Theactual binary images for each VC (VDU) 408 are also supplied. In someembodiments, a VC binary image is fully populated with the installedsoftware of one or more VNFCs. In other embodiments, a VC binary imageis populated with everything but the software required for running theassociated VNFCs. In accordance with one or more embodiments of thepresent application, the VNF package 400 may also contain any VNFCspecific lifecycle script files 410 supplied by the VNF provider.Further, in accordance with one or more embodiments of the presentapplication, the VNF package 400 may also contain any VNFC softwareloads 4102 supplied by the VNF provider. These VNFC software loads 412are useful during upgrade scenarios, as it may be desirable to upgradean individual VNFC instead of the entire VC. It should be noted that insome embodiments, the VNFC software loads 412 are also included in theVC image binary file 408 in order to ease and expedite initialdeployment. Further, in accordance with one or more embodiments of thepresent application, the VNF package 400 may also contain VC upgradescripts 414 supplied by the VNF provider. These VC upgrade scripts 414enable VC changes which may be required in order to run a newer versionof one or more VNFCs. Additionally, the VNF package may include otherfiles 416, which may consists of, but are not limited to, test files,license files and change log files.

In accordance with one or more embodiments of the present application,FIG. 5 illustrates a VNF Package Archive 500 which is a compressedcollection of the contents of a VNF Package 400 (See FIG. 4). In oneembodiment, the Cloud Service Archive (CSAR) format is used for deliveryof VNF packages 400 (See FIG. 4). A CSAR file is a zip file with awell-defined structure. In one embodiment the CSAR file structureconforms to a version of the Topology and Orchestration Specificationfor Cloud Application (TOSCA) standards. In one embodiment, the VNFpackage archive 500 conforms to a version of the TOSCA Simple Profilefor NFV specification.

The exemplary VNF Package Archive 500 embodiment includes a VNFDspecification file 502. In one embodiment, this file is expressed in YetAnother Modeling Language (YAML). The name of the file will reflect theVNF being delivered. Additionally, the package archive 500 may include amanifest file 504, which lists the entire contents of the archive. Inone embodiment, the manifest 504 will also include a hash of eachincluded file. Further, a signing certificate, including a VNF providerpublic key, may also be included 506 to enable verification of thesigned artifacts in the archive 500. Additionally, a change log file 508may be included that lists the changes between versions of the VNF. Alicenses directory 510 may also be included that holds the license files512 for all the applicable software component contained in the varioussoftware images 526. An artifacts directory 514 may be present to holdscripts and binary software images delivered in this package archive500. Under the artifacts directory, a scripts directory 516 may bepresent to hold the VNF lifecycle management scripts 518.

In accordance with one or more embodiments of the present application,the archive 500 may include a hierarchical directory structure 520 fororganization of all VDU artifacts under the artifacts directory 514.Under directory 520 may be a directory 522 for each specific VDU/VC.Under directory 522 may be a directory 524 for VDU/VC software imagefiles 526. Further, under directory 522 may be a directory 528 forVDU/VC upgrade script files 530. Additionally, there may be a VNFCdirectory 532, which contains a directory for each specific VNFC 534include in the VDU. In one embodiment, the name of directory 534 willmatch that of the ID field 302 (See FIG. 3) of the applicable VNFCD.Under each VNFC specific directory 534 may be a scripts directory 536which contains lifecycle management script files 538 for the VNFC.Additionally, a software loads directory 540 may be present to hold VNFCsoftware loads 542.

It should be understood that though a very hierarchical organizationstructure is depicted in this embodiment, other embodiments with flatterorganization structures are equally applicable so long as thecorresponding load and script descriptors in the VNFD 404 (See FIG. 4)reflect the correct location.

FIG. 6 illustrates an NFV deployment 600 that includes a VirtualizedContainer (VC) hosting multiple VNFCs in accordance with one or moreembodiments of the present application. The NFV system 600 is comprisedof at least one physical compute node 602. In one embodiment, thecompute node 602 hosts a hypervisor 604, which in turn manage one ormore Virtual Machines (VMs) 606. In another embodiment, the compute node602, hosts operating systems (OSs) 604 which manage one or morecontainers 606. Both embodiments provide virtualization environments inwhich the VNF Component Instances (VNFCI) 626 and 628 reside. As thevirtualization environment provided by both embodiments is sufficientfor execution, the two embodiments should be considered interchangeableherein, and are referenced by the term Virtualized Container (VC). Inaccordance with one or more embodiments of the present application, theVNFCIs 626 and 628 execute in VC 606.

Compute node 602 is comprised of a Central Processing Unit (CPU) module608, a memory module 610, a disk module 612 and a network interface card(NIC) module 614. As further shown in FIG. 6, NIC 614 communicatenetwork packets via a physical internal network 616, where in accordancewith one or more preferred embodiments network 616 may be a privatenetwork. The internal network may be connected to an external physicalnetwork 618 via, for example, one or more network routers 620.

Each VC 606 is comprised of a series of virtual resources that map to asubset of the physical resources on the compute nodes 602. Each VC isassigned one or more virtual CPUs (vCPUs) 622, an amount of virtualmemory (vMem) 624, an amount of virtual storage (vStorage) 626 and oneor more virtual NICs (vNIC) 628. A vCPU 622 represents a portion orshare of a physical CPU 608 that are assigned to a VM or container. AvMem 624 represents a portion of volatile memory (e.g. Random AccessMemory) 610 dedicated to a VC. The storage provided by physical disks612 are divided and assigned to VCs as needed in the form of vStorage626. A vNIC 628 is a virtual NIC based on a physical NIC 614. Each vNICis assigned a media access control (MAC) address which is used to routepackets to an appropriate VC. A physical NIC 614 can host many vNICs628.

In the case of a VM, a complete guest operating system 630 runs on topof the virtual resources 622-628. In the case of an operating systemcontainer, each container includes a separate operating system userspace 630, but shares an underlying OS kernel 604. In either embodiment,typical user space operating system capabilities such as secure shelland service management are available.

One or more VNFC instances (VNFCIs) 632 and 634 may reside in VC 606. Inaccordance with one or more embodiments of the present application, theVNFCIs 632 and 634 are instances of different types of VNFCs. In someembodiments the VNFCIs 632-634 are composed of multiple operating systemprocesses 636-642. In one embodiment each VNFCI 632 or 634 may beinstalled and managed as an operating system service. In anotherembodiment, a VNFCI 632 or 634 may be managed by a local NFV basedsoftware agent.

In accordance with one or more embodiments of the present application, aserver 644, running a virtualization layer with a shared kernel 646,provides one or more VCs, at least one of which hosts an SDC 648. Theserver 644 has one or more NICs 650 which provide connectivity to aninternal network 616 over which all incoming and outgoing messagestravel. The Service Design and Creation (SDC) component 648 provides theplatform for service modeling, creation, testing and distribution. TheSDC module 648 provides APIs 652-654 which are usable by othercomponents for querying VNF/service artifacts, uploading artifacts, andretrieving artifacts. Service and VNF artifacts are stored in aninternal catalog 136 (See FIG. 1). In some embodiments, the contents ofVNF package archives 500 (See FIG. 5) are extracted and stored in thecatalog 136 (See FIG. 1) to expedite access from other modules. In someembodiments, VNF packages based on other standards such as Open StackHeat may be on boarded. In such embodiments, artifacts may betransformed into a preferred internal format and stored in the SDC 648.

In some embodiments of the present application, a server or personalcomputer 656, hosts an GUI/CLI 658 which provides a user interface intothe management module 108 (See FIG. 1) of an NFV system. The server/PC656 has one or more NICs 660 which provide connectivity to an internalnetwork 618 over which all incoming and outgoing messages travel.Service and VNF lifecycle management (LCM) operations, destined for theService Orchestrator (SO) 666 may be initiated from the GUI/CLI 658.

In accordance with one or more embodiments of the present application, aserver 662, running a virtualization layer with a shared kernel 664,provides one or more VCs, at least one of which hosts an SO 666. Theserver 662 has one or more NICs 668 which provide connectivity to aninternal network 616 over which all incoming and outgoing messagestravel. The SO 666 provides the execution of automated sequencing ofactivities, task, rules and policies needed for creation, modification,removal of network services or VNFs. Further, the SO 666 provides an API670 which is usable by other components for network service and VNFlifecycle management. In some embodiments, the SO 666 maintains its ownview of the SDC catalog using the Service Distribution Interface 654. Inpreferred embodiments, the SO 666 interworks with the A&AI 676, Policy678 and DCAE 680 subsystems to provide system and VNF LCM.

In accordance with one or more embodiments of the present application, aserver 672, running a virtualization layer with a shared kernel 674,provides one or more VCs, hosting one or more management subsystems,including but not limited to, an A&AI subsystem 676, a Policy subsystem678, or a DCAE subsystem 680. The server 672 has one or more NICs 682which provide connectivity to an internal network 616 over which allincoming and outgoing messages travel. The A&AI 676 maintains a liveview of services and resources in the network, providing the state andrelationship of the service components. Further it maintains therelationships between the management components (controllers, etc.) andthe service components/resources being managed. The A&AI 676 provides anInventory interface 684 which enables complex inventory queries that areneeded by other components and subsystems. This interface 684 isutilized by the SO 666 to execute service and VNF LCM operations. ThePolicy subsystem 678 provides for the creation and management ofmodifiable configurations, rules assertions and/or conditions to providereal-time decision making on conditions and events that underlie thefunctions of the management module 108 (See FIG. 1). The Policysubsystem 678 provides a Policy query interface 684 which enables othercomponents and subsystems. In some embodiments to find and utilizeconfigured policies. In some embodiments, the SO 666 may query thePolicy subsystem 678 for policies applicable to service and VNF LCMoperations. The DCAE subsystem 680 gathers performance, usage andconfiguration data from the managed environment in order to enable FCAPSfor the service, VNF and PNF components. Further, the DCAE 680 includesvarious analytics applications that operate on these data feeds toprovide notifications of significant events or anomalies to othermanagement components. The DCAE subsystem 680 provides a FCAPS 686interfaces for the reporting of performance, usage, etc. data. Thisinterface 686 is utilized by VNFCIs 632-634 to report the aforementioneddata.

In accordance with one or more embodiments of the present application, aserver 687, running a virtualization layer with a shared kernel 688,provides one or more VCs, at least one of which hosts an APPC 689. Theserver 687 has one or more NICs 690 which provide connectivity to aninternal network 616 over which all incoming and outgoing messagestravel. The APPC 689 supports VNF configuration and lifecyclemanagement. Further it provides interfaces 691 for these functions thatthe SO 666 utilizes to instantiate, start, stop, etc. VNFs. The A&AI 676may be consulted before executing these operations and updated duringand after the operations complete. In one embodiment, the APPC 689retrieves VNF package archives 500 (See FIG. 5) or package contents502-542 (See FIG. 5) directly from an SDC 648 in order to instantiate aVNF. In another embodiment, the APPC 689 caches VNF package archives 500(See FIG. 5) or package contents 502-542 (See FIG. 5) managed VNFs forefficient access. In a preferred embodiment, VNF LCM interface 691provide additional commands for LCM of individual VNFCs 632-634.Further, once a VNF is instantiated, the APPC 689 may control, monitor,and update its configuration based on interfaces 692 that it is requiredto provide. As each VNF is comprised of one or more VNFCs 632-634, theconfiguration and monitoring interface is implemented on at least one ofthe VNFCs 632 or 634. Given this, the interfaces 692 are instantiated inone or more VNFCIs 626.

In one embodiment, a server 693 hosts a VIM 694 which is responsible formanaging the virtualized infrastructure of the NFV System 600. Theserver 693 has one or more NICs 695 which provide connectivity to aninternal network 616 over which all messages travel. There may be manyVIMs 694 in a system 600. The VIM 694 provides resource managementinterfaces 696 which are utilized by the APPC 689. In a preferredembodiment, the VIM 694 extracts and caches VC images stored in VNFPackages archives 500 (See FIG. 5) in order expedite the deploymentprocess. In order to fulfill a resource management request, a VIM 694may need to manage a compute node 602, hypervisor/OS 604, VM 606,network 616 switch, router 620 or any other physical or logical elementthat is part of the NFV System 600 infrastructure. In one embodiment, aVIM 694 will query the states of requisite logical and physical elementswhen a resource management request is received from an APPC 689. Thisembodiment may not be efficient however given the elapsed time betweenstate requests and responses. In another embodiment, a VIM 689 will keepa current view of the states of all physical and logical elements thatit manages in order to enable efficient processing when element statesare involved. Further, in some embodiments a VIM 689 updates the A&AI676 about resource state changes using the Inventory interface 684provided by the A&AI 676 and utilized by the SO 666 and APPC 689. Inother embodiments, the APPC 689 interworks with a Multi-VM/Cloud adapter156 (See FIG. 1), instead of directly with a VIM 689, to manageunderlying infrastructure resources.

FIG. 7 illustrates one example of a computing node 700 to support one ormore of the example embodiments. This is not intended to suggest anylimitation as to the scope of use or functionality of the embodimentsdescribed herein. Regardless, the computing node 700 is capable of beingimplemented and/or performing any of the functionalities or embodimentsset forth herein.

In computing node 700 there is a computer system/server 702, which isoperational with numerous other general purpose or special purposecomputing system environments or configurations. Examples of well-knowncomputing systems, environments, and/or configurations that may besuitable for use with computer system/server 702 include, but are notlimited to, personal computer systems, server computer systems, thinclients, thick clients, hand-held or laptop devices, multiprocessorsystems, microprocessor-based systems, set top boxes, programmableconsumer electronics, network PCs, minicomputer systems, mainframecomputer systems, and distributed cloud computing environments thatinclude any of the above systems or devices, and the like.

Computer system/server 702 may be described in the general context ofcomputer system-executable instructions, such as program modules, beingexecuted by a computer system. Generally, program modules may includeroutines, programs, objects, components, logic, data structures, and soon that perform particular tasks or implement particular abstract datatypes. Computer system/server 702 may be practiced in distributed cloudcomputing environments where tasks are performed by remote processingdevices that are linked through a communications network. In adistributed cloud computing environment, program modules may be locatedin both local and remote computer system storage media including memorystorage devices.

As shown in FIG. 7, computer system/server 702 in cloud computing node700 is shown in the form of a general-purpose computing device. Thecomponents of computer system/server 702 may include, but are notlimited to, one or more processors or processing units 704, a systemmemory 706, and a bus 708 that couples various system componentsincluding system memory 706 to processor 704.

Bus 708 represents one or more of any of several types of busstructures, including a memory bus or memory controller, a peripheralbus, an accelerated graphics port, and a processor or local bus usingany of a variety of bus architectures. By way of example, and notlimitation, such architectures include Industry Standard Architecture(ISA) bus, Micro Channel Architecture (MCA) bus, Enhanced ISA (EISA)bus, Video Electronics Standards Association (VESA) local bus, andPeripheral Component Interconnects (PCI) bus.

Computer system/server 702 typically includes a variety of computersystem readable media. Such media may be any available media that isaccessible by computer system/server 702, and it includes both volatileand nonvolatile media, removable and non-removable media.

The system memory 706 can include computer system readable media in theform of volatile memory, such as random access memory (RAM) 710 and/orcache memory 712. Computer system/server 702 may further include otherremovable/non-removable, volatile/non-volatile computer system storagemedia. By way of example only, storage system 714 can be provided forreading from and writing to a non-removable, non-volatile magnetic media(not shown and typically called a “hard drive”). Although not shown, amagnetic disk drive for reading from and writing to a removable,non-volatile magnetic disk (e.g., a “floppy disk”), and an optical diskdrive for reading from or writing to a removable, non-volatile opticaldisk such as a CDROM, DVD-ROM or other optical media can be provided. Insuch instances, each can be connected to bus 708 by one or more datamedia interfaces. As will be further depicted and described below,memory 706 may include at least one program product having a set (e.g.,at least one) of program modules that are configured to carry out thefunctions of various embodiments as described herein.

Program/utility 716, having a set (at least one) of program modules 718,may be stored in memory 706 by way of example, and not limitation, aswell as an operating system, one or more application programs, otherprogram modules, and program data. Each of the operating system, one ormore application programs, other program modules, and program data orsome combination thereof, may include an implementation of a networkingenvironment. Program modules 718 generally carry out the functionsand/or methodologies of various embodiments as described herein.

Aspects of the various embodiments described herein may be embodied as asystem, method, component or computer program product. Accordingly,aspects of the embodiments may take the form of an entirely hardwareembodiment, an entirely software embodiment (including firmware,resident software, micro-code, etc.) or an embodiment combining softwareand hardware aspects that may all generally be referred to herein as a“circuit,” “module” or “system.” Furthermore, aspects of the embodimentsmay take the form of a computer program product embodied in one or morecomputer readable medium(s) having computer readable program codeembodied thereon.

Computer system/server 702 may also communicate with one or moreexternal devices 720 such as a keyboard, a pointing device, a display722, etc.; one or more devices that enable a user to interact withcomputer system/server 702; and/or any devices (e.g., network card,modem, etc.) that enable computer system/server 702 to communicate withone or more other computing devices. Such communication can occur viaI/O interfaces 724. Still yet, computer system/server 702 cancommunicate with one or more networks such as a local area network(LAN), a general wide area network (WAN), and/or a public network (e.g.,the Internet) via network adapter 726. As depicted, network adapter 726communicates with the other components of computer system/server 702 viabus 708. It should be understood that although not shown, other hardwareand/or software components could be used in conjunction with computersystem/server 702. Examples, include, but are not limited to: microcode,device drivers, redundant processing units, external disk drive arrays,RAID systems, tape drives, and data archival storage systems, etc.

In general, the routines executed to implement the embodiments, whetherimplemented as part of an operating system or a specific application;component, program, object, module or sequence of instructions will bereferred to herein as “computer program code”, or simply “program code”.The computer program code typically comprises one or more instructionsthat are resident at various times in various memory and storage devicesin a computer, and that, when read and executed by one or moreprocessors in a computer, causes that computer to perform the stepsnecessary to execute steps or elements embodying the various aspects ofthe embodiments. Moreover, while the embodiments have and herein will bedescribed in the context of fully functioning computers and computersystems, the various embodiments are capable of being distributed as aprogram product in a variety of forms, and that the embodiments applyequally regardless of the particular type of computer readable mediaused to actually carry out the distribution. Examples of computerreadable media include but are not limited to physical, recordable typemedia such as volatile and non-volatile memory devices, floppy and otherremovable disks, hard disk drives, optical disks (e.g., CD-ROM's, DVD's,etc.), among others, and transmission type media such as digital andanalog communication links.

In addition, various program code described herein may be identifiedbased upon the application or software component within which it isimplemented in specific embodiments. However, it should be appreciatedthat any particular program nomenclature used herein is merely forconvenience, and thus the embodiments should not be limited to usesolely in any specific application identified and/or implied by suchnomenclature. Furthermore, given the typically endless number of mannersin which computer programs may be organized into routines, procedures,methods, modules, objects, and the like, as well as the various mannersin which program functionality may be allocated among various softwarelayers that are resident within a typical computer (e.g., operatingsystems, libraries, APIs, applications, applets, etc.), it should beappreciated that the embodiments are not limited to the specificorganization and allocation of program functionality described herein.

The exemplary environment illustrated in FIG. 7 is not intended to limitthe present embodiments. Indeed, other alternative hardware and/orsoftware environments may be used without departing from the scope ofthe embodiments described herein.

In accordance with one or more embodiments of the present application,FIG. 8 illustrates a VNF onboarding process 800 for a VNF which includeone or more VDUs composed of multiple VNFCs. A VNF provider constructs aVNF package 802 that includes at least one of a VNFD 200 (See FIG. 2)with one or more VNFC descriptors 300 (See FIG. 3) or one or more VNFCartifacts 410-412 (See FIG. 4). In one embodiment, the VNFD isconstructed as described in FIG. 2. In some embodiments, the VNFCdescriptors are constructed as described in FIG. 3. In one embodiment,the VNF Package includes one or more VNFC lifecycle management scripts410 (See FIG. 4). In another embodiment, the VNF package includes one ormore VNFC software loads 412 (See FIG. 4).

Once the VNF package 400 (See FIG. 4) has been constructed, the VNFprovider generates an archive 804 that contains the contents incompliance with the requirements of the destination SDC 648 (See FIG.6)/106 (See FIG. 1). In accordance with one or more embodiments of thepresent application, the archive may reflect the exemplary embodimentdepicted in FIG. 5. In one embodiment, the archive may be in the CloudService Archive (CSAR) format.

In step 806, an SDC 648 (See FIG. 6) receives the VNF Package Archive500 (See FIG. 5) from a VNF Provider which includes a VNF Package 400(See FIG. 4). In one embodiment, the archive is received by a packagemanagement system included within the SDC 658 (See FIG. 6). Once thepackage archive is received by the SDC 648 (See FIG. 6), the manifestfile 504 (See FIG. 5) is located and processed 808. If the manifest fileis not found, then processing of the archive ceases. If it is found,then the signing certificate 506 (See FIG. 5) is processed.Additionally, the SDC 648 (See FIG. 6) may perform other security checksbased on checksum, digest, etc. files contained in the archive againstthe trusted manifest file.

In step 810, the SDC 648 (See FIG. 6)/106 (See FIG. 1) on-boards thetraditional VNF package components. The VNFD file 502 (See FIG. 5) isfirst located and extracted from the VNF Package Archive 500 (See FIG.5). In one embodiment, the SDC may process the identification attributesin the VNFD file 502 (See FIG. 5), to see if the VNFD 200 (See FIG. 2)has been previously on-boarded into the SDC catalog 136 (See FIG. 1). Ifthe VNF identifier plus version are identical to what is in the catalog,then the VNF Provider may be prompted to confirm whether or not tocontinue, as this will result in a VNF package overwrite. If a VNFD file502 (See FIG. 5) under the same identification attributes is found, butthe version is newer, then the SDC 648 (See FIG. 6) may process this asa package update instead of as a package addition. In accordance withone or more embodiments of the present application, the VNFD file 502(See FIG. 5) may include one or more VNFC descriptors 212 (See FIG. 2).

Once the VNFD file 502 (See FIG. 5) is on-boarded, additional VNFpackage components 406-414 (See FIG. 4) are located and processed. Insome embodiments, the SDC 648 (See FIG. 6) loads VNFC software imagesand/or lifecycle management scripts 406-408 (See FIG. 4). In oneembodiment, these artifacts are extracted from the archive 500 (See FIG.5) and stored along with the VNFD file in the SDC catalog 136 (See FIG.1). In another embodiment, one or more of these artifacts may be storedin another database, and an external reference is added to the VNF entryin the SDC catalog 136 (See FIG. 1). In some cases, the VC softwareimage reference 210 (See FIG. 2) may specify an external source. In suchan embodiment, the software image may be uploaded from the source andstored in the SDC catalog 136 (See FIG. 1) for efficient, localizedaccess.

In step 812, and in accordance with one or more embodiments of thepresent application, VNFC artifacts are located and processed. In someembodiments, the SDC 648 (See FIG. 6) loads VNFC software loads and/orlifecycle management scripts 410-412 (See FIG. 4). In one embodiment,these artifacts are extracted from the archive 500 (See FIG. 5) andstored along with the VNFD file in the SDC catalog 136 (See FIG. 1). Inanother embodiment, one or more of these artifacts may be stored inanother database, and an external reference is added to the VNF entry inthe SDC catalog 142 (See FIG. 1). In some cases, the VNFC software loadreference 312 (See FIG. 3) may specify an external source. In such anembodiment, the software load may be uploaded from the source and storedin the SDC catalog 136 (See FIG. 1) for efficient, localized access.

In step 814, the VNFD in enabled in the SDC catalog 136 (See FIG. 1). Insome embodiments, the SDC 648 (See FIG. 6)/106 (See FIG. 1)automatically enables the VNFD once the on-boarding process hascompleted.

What is claimed is:
 1. A method for on-boarding a Virtual NetworkFunction (VNF) comprising a Virtual Deployment Unit (VDU) containing aplurality of Virtual Network Function Components (VNFCs), the methodcomprising: receiving, by a hardware-implemented server executing aService Design and Creation (SDC) module, an archive, created by a VNFprovider, the archive containing contents of a VNF package including aVNF Descriptor (VNFD) file containing the Virtual Deployment Unit (VDU),where the VDU further includes a plurality of VNFC descriptor files eachcorresponding to one of the plurality of VNFCs, and where the archivecontains VNFC artifacts; identifying, by the SDC module, a manifest filein the archive, the manifest file listing an entire contents of thearchive; on-boarding, by the SDC module, the VNFD file; on-boarding, bythe SDC module, the VDU; and enabling, by the SDC module, the VNF in acatalog of the SDC module comprising automatically enabling the VNF inthe catalog of the SDC module based on a completion of the on-boardingprocess.
 2. The method of claim 1, wherein the VNFC artifacts comprise:a VNF specific lifecycle management (LCM) script file; a VNFC specificlifecycle script file; a Virtualized Container (VC) upgrade scrip file;a VC image binary file; and a VNFC software load.
 3. The method of claim1, comprising: processing, by the SDC module, a signing certificatelocated in the archive based on the identifying the manifest file. 4.The method of claim 1, further comprising: storing, by the SDC module,the VNFD file in the catalog of the SDC module.
 5. The method of claim1, further comprising: storing, by the SDC module, the VNFD file in aremote database specified in a VC image descriptor file of the VNFD. 6.The method of claim 1, wherein the archive further includes: a VNFCdirectory that contains a separate directory for each VNFC of theplurality of VNFCs.
 7. An apparatus for on-boarding a Virtual NetworkFunction (VNF) comprising a Virtual Deployment Unit (VDU) containing aplurality of Virtual Network Function Components (VNFCs), the apparatuscomprising: a hardware-implemented server executing a Service Design andCreation (SDC) module configured to: receive an archive, created by aVNF provider, containing contents of a VNF package including a VNFDescriptor (VNFD) file containing the Virtual Deployment Unit (VDU),where the VDU further includes a plurality of VNFC descriptor files eachcorresponding to one of the plurality of VNFCs, and where the archivecontains VNFC artifacts; Identify a manifest file in the archive, themanifest file listing an entire contents of the archive; on-board theVNFD file; on-board the VDU; enable the VNF in a catalog of the SDCmodule; and store the VNFD file in a remote database specified in a VCimage descriptor file of the VNFD.
 8. The system of claim 7, wherein theVNFC software element artifacts comprise: a VNF specific lifecyclemanagement (LCM) script file; a VNFC specific lifecycle script file; aVirtualized Container (VC) upgrade scrip file; a VC image binary file;and a VNFC software load.
 9. The system of claim 7, wherein the SDCmodule is further configured to: process a signing certificate locatedin the archive based on the identification of the manifest file.
 10. Thesystem of claim 7, wherein the SDC module is further configured to:store the VNFD file in the catalog of the SDC module.
 11. The system ofclaim 7, wherein, when the SDC module enables the VNF, the SDC module isfurther configured to: automatically enable the VNF in the catalog ofthe SDC module based on a completion of the on-boarding process.
 12. Thesystem of claim 7, wherein the archive further includes: a VNFCdirectory that contains a separate directory for each VNFC of theplurality of VNFCs.
 13. A non-transitory computer readable mediumstoring instructions for on-boarding a Virtual Network Function (VNF)comprising a Virtual Deployment Unit (VDU) containing a plurality ofVirtual Network Function Components (VNFCs) that when read by aprocessor of a hardware-implemented server executing a Service Designand Creation (SDC) module cause the processor to: receive an archive,created by a VNF provider, containing contents of a VNF packageincluding a VNF Descriptor (VNFD) file containing the Virtual DeploymentUnit (VDU), where the VDU further includes a plurality of VNFCdescriptor files each corresponding to one of the plurality of VNFCs,where the archive contains VNFC artifacts, a VNFC directory thatcontains a separate directory for each VNFC of the plurality of VNFCsand where the archive contains a VNFC directory that contains a separatedirectory for each VNFC of the plurality of VNFCs; identify a manifestfile in the archive, the manifest file listing an entire contents of thearchive; on-board the VNFD file; on-boarding the VDU; and enable the VNFin a catalog of the SDC module.
 14. The non-transitory computer readablemedium of claim 13, wherein the VNFC software element artifactscomprise: a VNF specific lifecycle management (LCM) script file; a VNFCspecific lifecycle script file; a Virtualized Container (VC) upgradescrip file; a VC image binary file; and a VNFC software load.
 15. Thenon-transitory computer readable medium of claim 13, wherein theinstruction further cause to processor to: process a signing certificatelocated in the archive based on the identifying the manifest file. 16.The non-transitory computer readable medium of claim 13, wherein theinstruction further cause to processor to: store the VNFD file in thecatalog of the SDC module.
 17. The non-transitory computer readablemedium of claim 13, wherein the instruction further cause to processorto: store the VNFD file in a remote database specified in a VC imagedescriptor file of the VNFD.